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REMARKS 

The Examiner is thanked for the performance of a thorough search. 

Claims 8, 15, 22 and 23 have been amended. Claims 1-23 are under examination. 

OBJECTIONS 

Claims 8, 15, 22 and 23 are objected to because of the informalities. Claims 8, 15, 
and 22-23 have been amended to correct informalities. 

REJECTIONS BASED ON THE PRIOR ART 

35U.S.C 103(a) 

Claims 1-23 were rejected under 35 U.S.C 103(a) as being unpatentable over Skene et 
al, U.S. Patent Application Publication 2001/0052016 ("Skene") in view of Ye, U.S. Patent 
6,771,348 ("Ye"). The rejection is respectfully traversed for the following reasons. 

Claim 1 recites, in part: 

a local domain name service (DNS) server that is communicatively coupled to a 

processor and that includes a secure Internet security protocol (IPSEC) cache, 
wherein the secure IPSEC cache is readable only by an Internet protocol (IP) 
processing layer of an operating system that controls execution of an 
application program by the processor; 

receiving a message generated as a result of execution of the application 

program and that contains a domain name; 
searching the secure IPSEC cache for an entry that matches the domain name. 
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Claim 1 recites that the secure IPSEC cache is readable only by an Internet protocol 
(IP) processing layer and that the secure IPSEC cache is searched for an entry that matches 
the domain name . The combination of Skene and Ye fails to teach or suggest these claim 
limitations. Skene may teach a DNS server having a cache that may be searched for an entry 
based on a domain name. However, as the rejection concedes, Skene fails to teach or suggest 
a secure IPSEC cache, as claimed. Ye may teach the use of an Internet protocol (IP) 
processing layer to search a cache based on a source IP address, a destination IP address , 
transmission protocol, source port from the transport layer, and destination port from the 
transport layer. However, the cache in Ye is not searched for an entry that matches a domain 
name , as claimed. Thus, neither Skene nor Ye teach searching a secure IPSEC cache that is 
readable only by an Internet protocol (IP) processing layer for an entry that matches a 
domain name, as claimed. 

Furthermore, by combining Ye's teaching of searching a cache based on a destination 
IP address (and other parameters that do not include a domain name) with Skene's teaching 
of a DNS server having a searchable cache, one would not arrive at the claimed invention. 
This is because one would not be motivated to search Skene's DNS cache with search 
parameters taught by Ye that do not include a domain name. The reason is that Skene teaches 
that the DNS cache is used to resolve the client's requested domain name into an IP address. 
Thus, Skene's DNS cache is searched with a domain name as input with the search result 
being an IP address. However, if the destination IP address is already known, as taught by 
Ye, then one would not search Skene's DNS cache for this information. Moreover, Ye's 
enumerated list of search parameters do not include a domain name. Thus, one would not 
arrive at the claimed invention by combining Ye's teaching with Skene's teaching. 
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For the foregoing reasons, the combination of Skene and Ye fails to teach or suggest 
the claim limitations of "a secure IPSEC cache readable only by an Internet protocol (IP) 
processing layer . . .searching the secure IPSEC cache for an entry that matches the domain 
name." 

Claim 1 further recites that the operating system has an IP processing layer and 
controls execution of the application that generates the message with the domain name: In 
contrast, Applicants assert that Skene teaches that the application that generates the domain 
name resides on the client device , separate from the DNS server. Thus, even if it is presumed 
that Ye teaches an operating system that includes an IPSec layer, and this teaching were 
added to what Skene refers to as a local DNS, the operating system that includes the IPsec 
layer would be on Skene's DNS server. Thus, the operating system in the proposed 
modification of Skene would not also control the execution of the application that generates 
the domain name, as claimed. Therefore, even if the teachings of Ye were to be combined 
with the teachings of Skene as asserted in the rejection, the limitations of Claim 1 would not 
be arrived at. 

To further elaborate, Skene teaches a system in which what Skene refers to as a local 
DNS. However, Skene's local DNS is by necessity a separate computing device then the 
clients 1 12 it serves. Skene defines a local DNS as a DNS that makes name resolution 
requests on behalf of a client [0053]. Referring to FIG. 2, what Skene refers to as a local 
DNS is depicted as a part of the ISP and separate from the client making the request for 
domain name resolution . In the example of FIG. 2, Skene teaches that the client 1 12 contacts 
the local ISP 108 with a request, which the ISP passes on to the local DNS 110 page 4, 
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paragraph 61. Thus, Skene's system by design has remote clients making requests to the 
DNS server via the ISP. 

Moreover, as previously noted, Ye does not teach that the incoming packet from the 
application includes a domain name (see e.g., FIG. 4, 84; col. 3, lines 29-33; col. 4, lines 52- 
56; col. 7, lines 5-8). Thus, Ye does not explicitly teach operating system has an IP 
processing layer and controls execution of the application that generates the message with the 
domain name , as claimed. 

Thus, if Ye were to be combined with Skene as asserted in the rejection, the operating 
system would not have an IP processing layer and control execution of the application that 
generates the message with the domain name, as claimed. 

The Proposed Modification Cannot Render the Prior Art Unsatisfactory 

For Its Intended Purpose 

If proposed modification would render the prior art invention being modified 
unsatisfactory for its intended purpose, then there is no suggestion or motivation to make the 
proposed modification . In re Gordon, 733 F.2d 900, 221 USPQ 1 125 (Fed. Cir. 1984). 

Applicants respectfully assert that no modification to Skene is possible to arrive at the 
claimed invention without rendering Skene unsatisfactory for its intended purpose. Skene 
teaches a system in which the intended purpose of Skene's local DNS server 1 10 is to service 
requests from various remote clients 1 12 that make access to the local ISP by, for example, a 
modem. Were Skene to be modified by putting the client inside of the local DNS 110 Skene 
would no longer serve its intended purpose. 

Thus, the asserted motivation in the rejection to combine references (gaining 
enhanced speed) is contraindicated because the proposed modification would impermissibly 
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render Skene unsatisfactory for its intended purpose. Because there is no motivation to 
modify Skene to arrive at the claimed limitations of "the operating system has an IP 
processing layer and controls execution of the application that generates the message with the 
domain name," Claim 1 is allowable over Skene and Ye. 

For at least the foregoing reasons, Claim 1 is allowable over the prior art. Therefore, 
Applicants request allowance of Claim 1. 

Independent Claim 8 recites, in part: 

receiving a message generated as a result of execution of an application program and 
that contains a domain name; 

searching a secure Internet security protocol (IPSEC) cache for an entry that matches 
the domain name, wherein the secure IPSEC cache is communicatively 
coupled to a local domain name service (DNS) server, and wherein the secure 
IPSEC cache is readable only by an Internet protocol (IP) processing layer of 
an operating system that controls execution of the application program. 

Independent Claims 15 and 22-23 recite similar limitations to those in Claim 8. Claim 
8 recites that the secure IPSEC cache is readable only by an Internet protocol (EP) processing 
layer and that the secure IPSEC cache is searched for an entry that matches the domain name . 
Claim 8 further recites that the operating system has an IP processing layer and controls 
execution of the application that generates the message containing the domain name. 

For at least the reasons discussed in the response to Claim 1, Claims 8, 15, and 22-23 
are believed to be allowable. 
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Claims 2-7, 9-14, 16-21 depend from either Independent Claim 1, Independent Claim 
8, or Independent Claim 15 incorporating limitations therefrom. As explained above, Claims 
1,8, and 15 include limitations that define patentable subject matter. Therefore, these 
dependant claims recite patentable subject matter for at least the same reasons their 
respective independent claims recite patentable subject matter. 

For the foregoing reasons, the Applicants respectfully assert that Claims 2-7, 9-14, 
16-21 are patentable. 

CONCLUSION 

The Applicant believes that all issues raised in the Office Action have been addressed 
and that allowance of the pending claims is appropriate. 

The Examiner is respectfully requested to contact the undersigned by telephone if it is 
believed that such contact would further the examination of the present application. 

For the reasons set forth above, it is respectfully submitted that all of the pending 
claims are now in condition for allowance. Therefore, the issuance of a formal Notice of 
Allowance is believed next in order, and that action is most earnestly solicited. 
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To the extent necessary to make this reply timely filed, the Applicant petitions for an 
extension of time under 37 C.F.R. §1.136. 

If any applicable fee is missing or insufficient, throughout the pendency of this 
application, the Commissioner is hereby authorized to any applicable fees and to credit any 
overpayments to our Deposit Account No. 50-1302. 

Respectfully submitted, 

HICKMAN PALERMO TRUONG & BECKER LLP 



Date: September 13, 2005 (Ai^^y (' yfcfrvA 

Ronald M. Pomerenke 
Reg. No. 43,009 

2055 Gateway Place, #550 

San Jose, CA 95110 

Telephone: (408) 414-1080, ext. 210 

Facsimile: (408) 414-1076 



CERTIFICATE OF MAILING 

I hereby certify that this correspondence is being deposited with the United States Postal 
Service as first class mail in an envelope addressed to: Mail Stop AMENDMENT 
Commissioner for Patents, P.O. Box 1450, Alexandria, VA 22313-1450. 
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